Pioneer in hacker detection wins $11 million in new capital

Columbia's Sourcefire gains second round of venture financing

A Columbia company that pioneered a widely used technology for detecting computer hackers has received $11 million in venture capital, its second round of financing during the past year.

Sourcefire Inc. received the latest infusion from a group led by New Enterprise Associates, a major venture firm in Baltimore, which invested about $6 million.

Other investors included Sierra Ventures, Inflection Point Ventures and Core Capital Partners, all of which had earlier stakes in Sourcefire.

Sourcefire sells software based on a technology called Snort that was created by Martin Roesch, the company's founder and chief technology officer. Snort is an open-source code technology, which means its many users can make suggestions on how to improve it via the Internet. Snort developers adopt many of those refinements.

Its open-source community of about 1,500 active programmers provides an early-warning system for Snort. For example, within an hour after Snort received the first reports about the Slammer virus several weeks ago, the code was being adapted to sense it.

"Security is one of the areas where it's good if you have hundreds of thousands, if not millions, of eyes looking for problems," said Tom McDonough, president and chief operating officer of Sourcefire.

Just yesterday, Visa and MasterCard reported that 5 million accounts were breached recently, although fraud wasn't yet known to have occurred.

Sourcefire's challenge will be to build a company by charging thousands of dollars for commercial versions of software now available for free. But McDonough said that companies would be willing to pay for the additional technical support and speed for commercial versions of Snort. Snort's popularity also provides an enormous established customer base of more than 40,000 users.

Sourcefire is reporting growth in a market that hasn't been kind to technology startups recently. The company has been adding the equivalent of an employee a week for the past year and now has 60, up from 15 a year ago. It expects to employ 100 by the end of the year, McDonough said.

The company's revenue has also increased tenfold, to $2.5 million last year from $250,000 in 2001. McDonough expects the company to grow to at least $200 million in revenue as global concerns about network security increase.

SourceFire received $7.5 million in venture financing last year, including $550,000 from the state of Maryland's pool of venture capital for promising startups.

"This was a very competitive deal, NEA was having to battle off other VCs," said Harry Weller, an NEA partner, referring to other venture capital firms vying for the latest round. "We wouldn't fund anything unless we saw some unusual characteristics. And Marty is like a rock star in security circles. People ask for his autograph at sales meetings."

"They have two real good things for working for them: security's hot and open source is real strong. A lot of businesses, including [those] outside the United States, are not afraid of using open-source software," said John Pescatore, who follows Internet security issues for Gartner Inc., a Stamford, Conn. technology research company.

"But they'll need to move beyond this one product area to succeed as a company," he said of Sourcefire.

Pescatore also questioned whether the company would be an attractive acquisition candidate in the future because it doesn't control the intellectual property of the open-source Snort.